Bug 62114

Summary: HTTP(S) Test Script Recorder : Client certificate authentication uses the first SSLManager created
Product: JMeter Reporter: Philippe Mouawad <p.mouawad>
Component: HTTPAssignee: JMeter issues mailing list <issues>
Status: RESOLVED FIXED    
Severity: normal CC: p.mouawad
Priority: P2 Keywords: FixedInTrunk
Version: 2.13   
Target Milestone: JMETER_5.0   
Hardware: All   
OS: All   

Description Philippe Mouawad 2018-02-18 11:02:50 UTC
Reproducing:

- Clone https://github.com/hokein/electron-sample-apps/tree/master/client-certificate
- Run ssl/setup.sh
- Run node server.js
- Input the client.p12 into firefox "Your certificate"
- Hit https://localhost:5000 , you are asked for a certificate and then have approved page

Now to test with JMeter:
- Setup -Djavax.net.ssl.keyStore=<path to client.p12> -Djavax.net.ssl.keyStorePassword=password
- Clear your FF  history
- Use Recording Template
- Start it
- Add JMeter ROOT CA in FF
- Hit https://localhost:5000, you immediately get "denied"

Switch implementation for Java and restart: 
- Clear your FF  history
- You get approved
Comment 1 Philippe Mouawad 2018-02-18 20:45:14 UTC
After further investigation it appears that issue was due to an old SSLManager that was an instance variable of HttpSSLProtocolSocketFactory which was used.
As an effect first certificate loaded was incorrect, updating it with SSLManager menu had no effect.
Comment 2 Philippe Mouawad 2018-02-18 20:48:45 UTC
Author: pmouawad
Date: Sun Feb 18 20:48:21 2018
New Revision: 1824707

URL: http://svn.apache.org/viewvc?rev=1824707&view=rev
Log:
Bug 62114 - HTTP(S) Test Script Recorder : Client certificate authentication uses the first SSLManager created
Contributed by UbikLoadPack
Bugzilla Id: 62114

Modified:
    jmeter/trunk/src/core/org/apache/jmeter/util/HttpSSLProtocolSocketFactory.java
    jmeter/trunk/src/core/org/apache/jmeter/util/JsseSSLManager.java
    jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/sampler/HTTPHC4Impl.java
    jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/util/HC4TrustAllSSLSocketFactory.java
    jmeter/trunk/xdocs/changes.xml